how to stop Whm/cpanel from broadcasting user names?

M

matt621

Well-Known Member
Jun 25, 2003
175
0
166
Spammers send spam to [email protected]

I've found ways of solving that problem, here and abroad, however, one thing that has bothered me is how the spammers get the "username" in the first place. The clients username should be protected just like their password.

But somehow whm/cpanel seems to be broadcasting this information. I have setup test accounts with jibberish usernames and sure enough it'll start getting spam if I don't take care of it.

So how do we stop cpanel/whm from providing a list of user names on the box?
 
chirpy

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
Well, only user hosted on the server can get a list of actual usernames. What you're most likely seeing are what are known as dictionary attacks. You can protect against those using an exim ACL that blocks the spammer after a number of attempts:
http://www.configserver.com/free/eximdeny.html
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
D You must stop and disable firewalld when using csf Security 2
R How to remember user to stop 2FA on a specific computer? Security 1
T SOLVED cPanel & WHM change log feed update is stopped. Security 2
bigste WHM/cPanel only works if iptables service is stopped! Security 9
K SSL on WHM/Cpanel stoped working Security 15
Similar threads
You must stop and disable firewalld when using csf
How to remember user to stop 2FA on a specific computer?
SOLVED cPanel & WHM change log feed update is stopped.
WHM/cPanel only works if iptables service is stopped!
SSL on WHM/Cpanel stoped working
Top Bottom